<?php
require_once( './includes/WebStart.php' );


if( $wgUser->isLoggedIn() &&  is_numeric($_GET[value]) && is_numeric($_GET[id_comment])) {
  
  $id_user = $wgUser->getId();
  $id_comment = mysql_real_escape_string($_GET[id_comment]);
  $value = mysql_real_escape_string($_GET[value]);
  $datenow = date("Y-m-d H:i:s", time() );


  //FIRST CHECK IF EXISTS
  $dbr = wfGetDB( DB_SLAVE );
  $sql = "SELECT id_comment  FROM ss_file_comments_votes WHERE id_comment = '$id_comment' AND id_user = '$id_user'";
  
  $res = $dbr->query( $sql );
  
  if ($id_user == $row->id_user){
   
    echo  'dont vote your comments'; 
  }
  
  
  elseif ( $row = $dbr->fetchObject( $res )) {  //if exists DONT LET VOTE!

    echo  'you voted before';
    
  }
  
  else { //if not exists the query search, create new vote row
  
  //INSERT NEW
  $dbw =& wfGetDB( DB_MASTER );
  $dbw->begin();   
  $sql = "INSERT INTO ss_file_comments_votes (id_comment, id_user, value, date)
            VALUES ('$id_comment' , '$id_user', '$value', '$datenow')";
       
  $dbw->query( $sql );
  $dbw->commit();
  
  
  echo  'value='.$value;
  }
  
} else {
  die(-1);
}
